Wi-Fi How To
Collection of "How To" step-by-step recipies for making Wi-Fi work better. __FORCETOC__ Get started Wireless Networking Need To Know 2006 Measure wireless network performance * Internet speed testing (e.g., ''NDT) probably ''won't tell you anything about your wireless network performance (because wireless is normally faster than an Internet connection). * Instead, measure data transfer throughput between two computers on your network, using software tools such as: ** Iperf ** Netio * Wireless to wireless speed will probably be much less than wireless to wired speed, because only one wireless link in one direction can be active at any one time. Network Monitoring Monitor network throughout, amount of data sent/received, etc. See Network Monitors. Why and How to do a Site Survey * Crash Course: Wireless Site Surveys Use a wireless router as a wireless access point # Set IP address (manually) #* In the same address range as your other devices #* That doesn't conflict with any other device (e.g., router) # Disable internal DHCP server. # Connect (Ethernet) cable to LAN port, not WAN/Internet port. #* Nothing connected to WAN/Internet port. #* May need to use crossover type cable. # Disable any wireless-to-wired isolation feature. Secure a wireless network # Change the SSID to something truly unique (e.g., ''instead of ''Linksys, something like John Doe's private wireless). # Use some form of WPA security with a strong passphrase. (WEP is easily cracked in minutes.) # Use a personal firewall (software firewall) on all networked computers (wired or wireless). # [[#Secure network shares|Secure all network shares]] * For more information, see Wi-Fi Security. ** For things not to do, see Wi-Fi Security Myths. Secure WDS WPA (Wi-Fi Protected Access) cannot normally be used to secure WDS (Wireless Distribution System) wireless repeating/range extension. However, according to the TechTarget Expert Answer Center, current versions of the following products support WDS with WPA (albeit likely only with products from the same vendor): * Apple Airport * Sveasoft Alchemy * Belkin 802.11g Wireless Network Access Point * 3COM OfficeConnect Wireless 108 Mbps 11g PoE Access Point * Corinex Wireless to Powerline Router G Setup a hotspot See: * Controlling WLAN access on a tight budget * Intel Wireless Hotspot Deployment Guide * Wireless Isolation * Wikipedia:Hotspot (Wi-Fi) Liability: * ISP Liability * New Law Limits ISP Liability for Copyright Infringement Hotspot hardware Products that provide "captive portal" or splash page functionality: * D-Link ** Airspot DSA-3100 Public/Private Hot Spot Gateway ** Airspot DSA-3200 Wireless G Public/Private Hot Spot Gateway ** Airspot DSA-5100 Public/Private Hot Spot Gateway * Instant HotSpot * Linksys WRT54GL with modified firmware (Linksysinfo.org) ** See also Wi-Fi 3rd-party Firmware * SonicWALL TZ 150 Wireless * ZyAIR B-4000 Turn-key Hotspot Gateway Hotspot software Products that provide "captive portal" or splash page functionality: * DNS Redirector (Runs on Windows XP/2K/2K3 using any existing AP hardware) * Free RADIUS (open source RADIUS server) * tinyPEAP (very small RADIUS server) * ZoneCD (Public IP) Controlling "squatters" and "leeching" Of varying effectiveness: # Password from the operator that must be entered on the initial splash or signon page, changed periodically. # WEP or WPA key that changes periodically. # Drastically reduced transmit power on the access point. # Distance measuring devices that can tell if the client is inside or outside. # Turn off wireless during off hours. # Don't provide electrical power (limiting use to battery capacity). # Download quotas and Quality of Service (QoS). These are rule based quotas for what an individual client may download. QoS is also good for preventing a user from hogging all your bandwidth. However, administration is tricky and there are ways around quotas. Mobile hotspot * Mobile RV ** WiFiRV (RV hotspot service provider) ** Roaming RV Hot Spots LLC (turnkey RV package) Secure Internet access in a public hotspot * Wireless transmissions on a public hotspot are typically unencrypted, and thus exposed to snooping. * All computers on a public hotspot are typically exposed to each other, and thus vulnerable to network attacks. Use a software firewall * A good software "firewall" will protect your computer from network attacks. * See Wi-Fi Software Firewall. Secure network shares * Use strong passwords on all system accounts (including Administrator) and on all user accounts. * Microsoft Windows *# Use Simple File Sharing (Windows XP only); or *# Make sure that all network shares are secured with strong passwords (all versions of Windows). Use Control Panel → Administrative Tools → Computer Management → Shared Folders → Shares to review and check Properties of all network shares. Use SSL/TLS for email access * Using standard POP3/SMTP email protocols for email over wireless is very dangerous because passwords aren't encrypted. Use of SSL/TLS is the best way to secure email connections. * Email connections can be secured by using a Web-based email (webmail) service that supports SSL/TLS connections. Make sure your browser displays a padlock icon (just below) throughout your email session. Such services include: ** Google Mail (Gmail) (free) if you use this link after ''login: https://mail.google.com/ * POP3/SMTP sessions can also be protected if the email provider supports SSL/TLS. Such providers include: ** Google Mail (Gmail) (free) (Help available on configuring many email clients) * Even with SSL/TLS, '''email is still vulnerable to snooping' on the public Internet unless individual messages are encrypted (e.g., ''with S/MIME or OpenPGP). Use SSL/TLS for sensitive Web pages * Use of ''any ''website for sensitive information (''e.g., ''social security number, credit card number, on-line banking, on-line investments, ''etc.) should always be protected by means of SSL/TLS. The URL (link) should start with https. Make sure your browser displays a padlock icon (https://.) throughout your session. Use VPN to protect all transmissions * VPN (Virtual Private Networking) is used to construct and connect private networks using the public Internet. Communications are secured by means of some type of encryption, depending on the specific type of VPN. * See Wi-Fi VPN Service Providers. Give Wi-Fi preference over wired Ethernet (or vice versa) Interface routing Metrics control which interface will be used at any given time. Microsoft Windows * Automatic route Metrics: : * To display route Metrics, Run %COMSPEC% /K ROUTE PRINT ** For which Interface is which IP address, Run %COMSPEC% /K IPCONFIG /ALL ** Preference is given to the lowest Metric, or to the first bound Interface for equal Metrics, as shown for Default Route. * Route Metrics can be controlled with the Interface Metric option in Advanced TCP/IP Settings for a Connection. ** To give Wi-Fi preference over any wired Ethernet, set the Metric of Wireless to 10. ** To give any wired Ethernet preference over Wi-Fi, set the Metric of Wireless to 40. Make a Wi-Fi antenna or reflector for cheap * www.FreeAntennas.com ** Really works! ** Can help even when antenna isn't replaceable * Wikipedia:Cantenna * Coffee Cantenna * TinCantenna * Do-It-Yourself Wireless Antennas Update and Resource Center Amount of antenna improvement: * Standard "rubber duck" antenna gain (effectiveness) is about 2 dBi. * It takes an increase of 3 dBi to double range. Thus: : Add additional Wi-Fi access points (to increase coverage) * Configure all access points with same SSID * Ideally use different minimally interfering channels (1, 6, 11) * Place them: ** 'back-to-back' with directional antennas in opposite directions, or ** in different locations. * Additional access points best connected by wire to router, by means of ** Standard Ethernet cable ** Powerline networking ** Phoneline networking ** TV cable networking (Ethernet over coax) *** Coaxsys *** Multilet * Wireless repeater or WDS can be used, but: ** Can be difficult to get working ** Wireless throughput is cut in half Configure a Wi-Fi client bridge For background, see Can't connect to Wi-Fi client bridge and Internet at the same time. Problem: The NIC on a local computer needs a manually-assigned IP on the same subnet to connect to the client bridge config interface but then can't access the Internet, and when configured for DHCP through the client bridge can then talk to the Internet but not the client bridge. Solutions: # Multihoming of the NIC (single link, multiple IP addresses) #* For Microsoft Windows XP, see "Configuring Multiple IP Addresses on a Network Adapter" in Configuring IP Addressing and Name Resolution. Note: This only works with all manual addresses, not DHCP, which can be problematic when roaming unless managed with configuration manager software (see below) # Two NICs in one computer, both connected to the client bridge: #* one manually configured to talk to the client bridge config #* the other with DHCP for the Internet # Different computers for #* client bridge config (manually configured) #* Internet access (DHCP) # Connection manager software for rapid changing of NIC configuration profiles #* Boingo Wi-Fi software (free) #* Mobile Net Switch #* NetSwitcher Test and compare user interfaces Product simulators: * D-Link * Linksys Wireless Broadband (3G) Routers Use 3G cellular data instead of DSL or cable modem: * Junxion Box (works with GSM or CDMA) * Kyocera KR1 Broadband EVDO Router * Top Global EVDO Routers * EVDO Coverage.com Make shore Wi-Fi work better on a sailboat This will give far more range than regular Wi-Fi at deck or cabin level: *Install weatherized high-gain omnidirectional antenna at top of mast *Install weatherized ''client bridge (e.g., ''SENAO SL-2611CB5 or SOC-3220) near antenna at top of mast and connect to antenna *Run weatherized CAT5 cable down (inside) mast from client bridge *Power client bridge with Power over Ethernet *At cabin end of Ethernet cable, put: ** Hub or switch (for wired network connections) ** Wi-Fi access point (for Wi-Fi network connections) ** Bluetooth access point (''e.g., ''ANYCOM AP-2002) (for Bluetooth network connections) See ''Wi-Fi Marine Resources. Share your Internet with a neighbor via Wi-Fi * See: ** Wireless Isolation ** Setup a Hotspot Extend Wi-Fi through a brick wall Roam seamlessly (using VPN) Information: * Mobile IP (MobileInfo.com) * RFC 2002 IP Mobility Support * Network design with Mobile IP Products: * Birdstep Intelligent Mobile IP Client * Cisco Mobile Client for Windows 2000, XP * ipUnplugged * Viatores Mobile IP VPN Make a Wi-Fi enclosure Microsoft Windows Troubleshooting Resources * How to troubleshoot wireless network connections in Windows XP * How to troubleshoot TCP/IP connectivity with Windows XP * How to Troubleshoot TCP/IP Connectivity with Windows 2000 or Windows NT * How to troubleshoot network connectivity problems * How to troubleshoot possible causes of Internet connection problems in Windows XP * How to reset Internet Protocol (TCP/IP) in Windows XP * How to Set Up a Small Network with Windows XP Home Edition * How to troubleshoot home networking in Windows XP * How to troubleshoot network printing problems in Windows XP * How to Troubleshoot Network Printing Problems * Basic L2TP/IPSec Troubleshooting in Windows XP * Availability and description of the Port Reporter tool (logs TCP and UDP port activity) * How to install the Microsoft Loopback adapter in Windows XP Configure manual IP address # Start → Control Panel → Network Connections # Right-click on desired network connection, and select Properties on the pop-up menu # Scroll the connection item list if necessary and double-click Internet Protocol (TCP/IP) # Select Use the following IP address # Enter desired IP address (must be in the same subnet as other local network devices, typically something like 192.168.0.100 or 192.168.1.100, depending on whether other devices are in ".0." or ".1." etc.) # Enter appropriate Subnet mask (typically 255.255.0.0) # Enter Default gateway (often the address of your router, something like 192.168.0.1 or 192.168.1.1) # If needed, configure DNS servers (obtained from your ISP) # Click OK to close all windows Configure automatic IP address e.g., ''by DHCP # ''Start → Control Panel → Network Connections # Right-click on desired network connection, and select Properties on the pop-up menu # Scroll the connection item list if necessary and double-click Internet Protocol (TCP/IP) # Select Obtain an IP address automatically # Select Obtain DNS server address automatically # Click OK to close all windows Reset Internet Protocol (TCP/IP) in Windows XP * See How to reset Internet Protocol (TCP/IP) in Windows XP (KB 299357) Display network adapter configuration # Click Start → Run # Type: %COMSPEC% /K IPCONFIG /ALL # Press Enter Release DHCP lease # Click Start → Run # Type: %COMSPEC% /K IPCONFIG /RELEASE # Press Enter Renew DHCP lease # Click Start → Run # Type: %COMSPEC% /K IPCONFIG /RENEW # Press Enter Flush DNS cache # Click Start → Run # Type: %COMSPEC% /K IPCONFIG /FLUSHDNS # Press Enter Display ARP cache (table) # Click Start → Run # Type: %COMSPEC% /K ARP -A # Press Enter Flush ARP cache (table) # Click Start → Run # Type: %COMSPEC% /K NETSH INTERFACE IP DELETE ARPCACHE # Press Enter Display active network connections and listening ports # Click Start → Run # Type: %COMSPEC% /K NETSTAT -A # Press Enter Display Ethernet statistics # Click Start → Run # Type: #* %COMSPEC% /K NETSTAT -E display #* %COMSPEC% /K NETSTAT -E -S display # Press Enter * For a repeating display, add the repeat interval in seconds to the end of the above commands; e.g. ''%COMSPEC% /K NETSTAT -E 10 at 10 second intervals * '''See also ''Wi-Fi Network Monitors.' Display Windows networking connections # Click ''Start → Run # Type: %COMSPEC% /K NBTSTAT -S # Press Enter